Service DescriptionITS contracts with QualysGuard SaaS to provide vulnerability scanning services for critical systems or systems hosting sensitive data. ITS coordinates access to the QualysGuard scanners and allocates licenses and user accounts to designated business units where there is a demonstrated need for vulnerability scanning services. Service implementation and support include:
- Consultation regarding service options and configurations that best fit the customer's needs
- A fully managed service
- Configuration and support of hardware and software components
- 24 x 7 technical support, including centralized monitoring and management via ITS Network-Security Operations and the ITS Service Desk
- Customer access to reports defining the present vulnerability profile for the business unit.
- Hardware and software components required to provide the QualysGuard SaaS vulnerability scanning service
- A designated Business Unit Manager account
- Additional manager, scanner or reader accounts as requested.
Hours of AvailabilityThis service is available to customers 24 x 7, excluding planned outages, maintenance windows and unavoidable events. Maintenance windows are used only when needed for planned changes that have gone through the ITS Change Management Process. In addition to the Standard ITS Maintenance Windows, site-specific and service-specific changes may be coordinated with customers at non-standard times. Standard maintenance windows are defined as:
- 5:00am - 7:30am Monday through Thursday, regular and preventive maintenance as coordinated with the customer(s) - intended use: maintenance on information security infrastructure and systems
UNC-Chapel Hill campus
- Identify systems with sensitive data or critical systems for vulnerability analysis
- Configure scanned systems to allow for authenticated scans.
- Contact the ITS Service Desk to report problems or request assistance
- Remediate level 4 and 5 vulnerabilities in a timely manner
How Do We Charge
- ITS does not presently charge for this service